Civilian Drones in US Could Possibly Be Hijacked for Use in Attacks

The Federal Aviation Administration is planning on authorizing drone use that might result in 30,000 Unmanned Aerial Vehicles (UAVs) cruising through US airspace in the next decade. (There are already drones flying intelligence and law enforcement surveillance over American territory.) Many of these will be for commercial use (for instance, FedEX is preparing to use drones for deliveries to smaller markets).

But as of today, such drones present a chilling possibility beyond the already invasive loss of privacy and crowding of the skies: using a non-encrypted GPS system, the drones can possibly be hijacked and used for destructive purposes, potentially as bomb delivery vehicles by domestic or foreign terrorists.

Assistant Professor Todd Humphreys of the Department of Aerospace Engineering at the University of Texas at Austin confirmed to BuzzFlash at Truthout that such a vulnerability exists. Humphreys developed the prototype for what is known as a "spoofer," a device that can seize control of a civilian drone (military drones are encrypted and less vulnerable to hijackings, although they can be jammed and disrupted in certain circumstances ‚Äď which possibly explains how the Iranians captured a fully intact CIA surveillance drone).

Last year, Humphreys and his aerospace engineering team at the University of Texas demonstrated to the Department of Homeland Security and the FAA how, with equipment costing less than $2000, a drone could be hijacked in a controlled setting with a "spoofer." A similar experiment also proved successful at Carnegie Mellon University, according to Space.com: "The overall landscape of GPS vulnerabilities is startling, and our experiments demonstrate a signiÔ¨Ācantly larger attack surface than previously thought," a research paper about the Carnegie Mellon study concluded. "Until GPS is secured, life and safety-critical applications that depend upon it are likely vulnerable to attack."

Humphreys told Truthout at BuzzFlash that he is hopeful that the US government is now paying attention to the security hole in the current GPS system for civilian drones:

We can safely say that since our experiment this past summer they have snapped to attention and are taking this seriously. The FAA has a team of 25 working on it. They are allowing three years to work on this problem. The Department of Homeland Security is moving slowly forward. They get credit for allowing our tests to move forward. They get credit for releasing money for research.

But Humphreys remained uncertain that government agencies would fix the GPS vulnerability before external pressures force US airspace use of drones in the tens of thousands.

This means that civilian drones could possibly be manipulated in the future to crash into planes, to bomb targets, or for other deadly purposes.

In testimony last year before the Subcommittee on Oversight, Investigations, and Management of the House Committee on Homeland Security, Humphreys estimated that, at this time, "As a point of reference, I estimate that there are more than 100researchers in universities across the globe who are well-enough versed in software-defined GPS that they could develop a sophisticated 'spoofer' from scratch with a year of dedicated effort." Although Humphreys believes that terrorist organizations do not currently have the scientific knowledge base to build a "spoofer," they could obtain one from research conducted by a friendly nation state or academic institution.

Another major concern is that technology and software capabilities become less expensive and more accessible over time.

Although Humphreys believes that the knowledge to develop a high-accuracy "spoofer" is now limited, he admitted in his congressional testimony: "However, a GPS signal simulator, a piece of test equipment that is readily obtainable from various vendors, can serve as an unsophisticated yet effective GPS 'spoofer.'" Humphreys then points out the limitations of the commercially available "spoofer," but in the end concedes:

These differences are only important if one wishes to carry out a stealthy spoofing attack, that is, one that effects a near-seamless transition from authentic to counterfeit signals and is therefore difficult to detect by simple timing and signal checks within the target system. But this is hardly necessary for a successful attack against most targets at present, given that few GPS-based systems perform even these rudimentary checks. Indeed, a vulnerability assessment team from Los Alamos National Lab convincingly demonstrated over a decade ago that an off-the-shelf GPS signal simulator is sufficientto mount a spoofing attack, and spoofing defenses in commercial receivers have hardly progressed since that time.

As Humphrey has pointed out, given the apparent ability to hijack drones, planes wouldn't have necessarily been needed to accomplish the 9-11 attacks. Terrorists could just hijack a few drones, attach bombs, and fly them into their targets.

Then, of course, there is another major concern. At what point will those who wish to do harm to the US ‚Äď including domestic terrorists of the Timothy McVeigh variety -- just simply be able to buy their own drones on the black market?

Either way, the emergence of drones as a technological tool for surveillance and a way of sanitizing assassinations and military bombing appears to be on the potential verge of coming back to haunt us as a nation.